Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 25 Oct 1999 14:25:18 -0500
From:      "David L. Aldridge" <dlac@aldridge.com>
Cc:        FreeBSD-Stable <freebsd-stable@FreeBSD.ORG>
Subject:   Re: IP aliasing
Message-ID:  <3814AE9E.A910FBAF@aldridge.com>
References:  <Pine.BSF.3.96.991020115200.13144B-100000@workhorse.iMach.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Forrest,
I am creating virtual ip's on my system, by adding aliases during boot.
But I
can't reach the IP from the machine itself. When trying to connect from
other
hosts, it works!  I can reach the server from other boxes on the network
and the
Internet, but can't just lynx or ping to it from the server itself.

Can you tell me why this happens?

I have more than 100 ip based virtual hosts on a box.
During boot, rc.local evokes:

ifconfig ep0 206.180.151.123 netmask 0xffffffff alias

If I try to ping 206.180.151.123 from the box, it fails and syslog
reports:
Oct 24 21:40:34 TripleCrown /kernel: arplookup 206.180.151.123 failed:
could not
allocate llinfo
Oct 24 21:40:34 TripleCrown /kernel: arplookup 206.180.151.123 failed:
could not
allocate llinfo
Oct 24 21:40:34 TripleCrown /kernel: arpresolve: can't allocate llinfo
for
206.180.151.123rt
Oct 24 21:40:34 TripleCrown /kernel: arpresolve: can't allocate llinfo
for
206.180.151.123rt

If I then remove the address from the interface with route -d
xxx.xxx.xxx.xxx
and then do ifconfig ep0 206.180.151.123 netmask 0xffffffff alias, I can
then
ping the address from the box.


"Forrest W. Christian" wrote:
> 
> On Wed, 20 Oct 1999, Will Mitayai Keeso Rowe wrote:
> 
> > I noticed on another server's box that they alias IP addresses to their
> > loopback interface rather than their Ethernet interface. Is their any
> > benefit/detriment to doing this?
> 
> Here's the rule I use:
> 
> If the IP address you are adding is "Naturally" on the ethernet add it as
> an alias to the Ethernet interface.
> 
> If the IP address is on a different subnet than the Ethernet, add it as an
> alias on the loopback.
> 
> For example, let's say you're doing web hosting.   For a small number of
> hosts, you might just want to use some unused addresses on your ethernet.
> For example if your ethernet is the subnet 192.168.1.0/24 (the entire
> class c) then, you could utilize any of the unused addresses from
> 192.168.1.1 through 192.168.1.254 as a "alias" interface address.  In this
> case, you would add them to the Ethernet interface.
> 
> On the other hand, if you are going to be doing a lot of web hosting (or
> more simply put, more than the ethernet subnet has available) then you
> probably want to set aside another block just for web addresses.   For
> example, 192.168.2.0/24.  In this case, you would add the addresses to the
> Loopback interface.   You will also need to add either a host or a subnet
> route to your router pointing to the ethernet interface on your box.
> 
> For example, my main box is configured as follows:
> 
> bash$ ifconfig -a
> ed1: flags=8a43<UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST> mtu 1500
>         inet 206.127.77.89 netmask 0xfffffff0 broadcast 206.127.77.95
>         inet 206.127.77.81 netmask 0xfffffff0 broadcast 206.127.77.81
>         inet 206.127.77.91 netmask 0xfffffff0 broadcast 206.127.77.91
>         ether 00:00:1b:3c:a5:cc
> lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
> tun0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
>         inet 127.0.0.1 netmask 0xff000000
>         inet 206.127.77.129 netmask 0xffffffff
>         inet 206.127.77.130 netmask 0xffffffff
>         inet 206.127.77.131 netmask 0xffffffff
>         inet 206.127.77.132 netmask 0xffffffff
>         inet 206.127.77.133 netmask 0xffffffff
>         inet 206.127.77.138 netmask 0xffffffff
>         inet 206.127.77.139 netmask 0xffffffff
>         inet 206.127.77.140 netmask 0xffffffff
>         inet 206.127.77.141 netmask 0xffffffff
>         inet 206.127.77.142 netmask 0xffffffff
> 
> You could argue what the netmask should be in each case, but I generally
> use the same netmask as the ethernet interface on the aliases added to the
> ethernet, and a "host" netmask of 0xffffffff on the loopback interface.
> 
> Not to confuse the issue, but I believe that if you add an address to the
> loopback out of the range on the ethernet you also need to do some
> proxy-arp configuration (at least you used to).  This is the real reason
> you should add the "ethernet" to the ethernet.  Conversely, if you add
> "loopback" addresses to the ethernet, depending on the subnet and the
> state of the ip forwarding flag in the kernel, you may have interesting
> routing problems such as the machine trying to send packets for the subnet
> but not on the localhost out the ethernet.  (This last paragraph is
> oversimplified- If you'd like a more technically accurate description,
> e-mail me privately).
> 
> - Forrest W. Christian (forrestc@imach.com) KD7EHZ
> ----------------------------------------------------------------------
> iMach, Ltd., P.O. Box 5749, Helena, MT 59604      http://www.imach.com
> Solutions for your high-tech problems.                  (406)-442-6648
> ----------------------------------------------------------------------
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message

--
David L. Aldridge
The Aldridge Company 281.368.0166 (fax: 281.368.0381)
http://www.aldridge.com/
Powered by Pentium/FreeBSD/Apache - Because it works.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3814AE9E.A910FBAF>